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In the claims: 

Please amend the claims as follows, 
I i\f Amended) A method for protecting a network from a virus c ontained in an e-mail 
message as exeb^table code, the method comprising: 

(a) receiving th^'^o^ail message in a gatekeeper server; 

(b) converting the e-m^lsmessage from an executable format to a non-executable format 
by using one of a plurality of applicauBri-level conversion processes selected in accordance with 
a type of the e-mail message, the non-exfecutable format retaining an appearance, human 
readabiUty and semantic content of the e-mail messa^e;;and 

(c) forwarding the non-executable format to the recipient^f the e-mail message. 

2. (Original) The method of claim 1, wherein the executable code is contained in a body 
of the e-mail message. 

3. (Original) The method of claim 2, wherein the executable code comprises a hypertext 
link, and wherein step (b) comprises deactivating the hypertext link. 

4. (Original) The method of claim 1, wherein the executable code is contained in an 
attachment in the e-mail message. 

5. (Previously presented) The method of claim 4, wherein step (b) comprises: 

(i) providing a plurality of sacrificial servers in communication with the gatekeeper 

server; 

(ii) forwarding the attachment from the gatekeeper server to one of the plurality of 
sacrificial servers; and 

(iii) converting the attachment to the non-executable format on said one of the plurality of 
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sacrificial servers by using said one of the plurality of conversion processes selected in 
accordance with the type of the e-mail message, the non-executable format retaining the 
appearance, human readability and semantic content of the e-mail message. 

(Original) The method of claim 5, wherein step (b) further comprises (iii) examining 



the sacrificial server for virus activity. 

/, (Original) The method of clainjA v^herein step (b) fiarther comprises (iv) rebooting the 
sacrific^l server fi-om a safe copy of an operating system obtained fi-om a read-only device. 

^Srt Original) The method of claim 5, wherein communications between the gatekeeper 
server and the sacrificial server are authenticated using a challenge-and-response technique. 

.'9f1[Previously presented) The method of claim 4, wherein step (b) comprises: 

(i) maintaining a list of approved attachment file types and extensions; 

(ii) determining whether the attachment is of a type or extension which is in the list of 
approved attachment file types and extensions; and 

(iii) if the attachment is not of a type or extension which is in the list of approved 
attachment file types and extensions, informing the recipient that a message containing a non- 



approved attachment has been received. 

i. 



(Original) The method of claim 1, wherein step (b) comprises: 

(i) maintaining a list of approved executable code; 

(ii) determining whether the executable code is in the list of approved 
executable code; and 

(iii) deactivating the executable code if the executable code is not in the list of 
approved executable code. 

y(, (Original) The method of claim yS, wherem: 
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the list of approved executable code includes information for determining whether 
the approved executable code has been altered; and 

step (b) further comprises: 

(iv) determining whether the executable code has been altered; and 

(v) deactivating the executable code if the executable code has been altered. 

..-t^rt Original) The method of claim-^TT wherein step (b)(iv) is performed through an 
algorithmic technique. 

(Original) The method of clainvt2^ wherein the algorithmic technique is a check- 
summing technique. 

IS- 13 

(Original) The method of claimH:^wherein the algorithmic technique is a hashing 
technique. 

It,. 

J5r (Original) The method of claim 1, wherein step (b) comprises: 

(i) forming a first copy and a second copy of at least a portion of the e-mail 
message containing the executable code; 

(ii) executing the executable code in the first copy but not the second copy; 
and 

(iii) after the executable code in the first copy has been executed, comparing 
the first copy to the second copy to determine an effect of the executable 

_ code. 

^1^ (Amended) A system for-^notecting a network fi-om a virus contained in an e-mail 
message as executable code, the system comprising: 
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a wCBlfstation computer on the network used by a recipient of the e-mail message; 
a gatekeepef^^er, in communication with the workstation computer over the network, 
for receiving the e-mail messagfes^d 

a computer on the network for cortv^ing the e-mail message from an executable format 
to a non-executable format by using one of a plurai^v of application-level conversion processes 
selected in accordance with a type of the e-mail message, w^e non-executable format retaining an 
appearance, human readability and semantic content of the e-mail message and forwarding the 
converted e-mail message to the workstation computer. \ 

- II jn \ 

.-^TT (Original) The system of claim wherein the executable code is contained in a 
body of the e-mail message. 

J*:^(Original) The system of claim AT, wherein the executable code comprises a 
hypertext link, and wherein the computer for converting deactivates the hypertext link. 

(Original) The system of claim 4^ wherein the executable code is contained in an 
^tachment in the e-mail message. 

The system of claim-t6r wherein the computer for converting 
is one of a plurality of sacrificial servers which areiiTconimuniGatiQn^ the gatekeeper 




server. 



.24^ (Previously presented) The system of claim.3^wherein the pluraHtyof sacrificial 
servers are examined for virus activity. 

(Previously presented) The system of claim JifC^ wherein the network further 
comprises a read-only device, and wherein the sacrificial servers are rebooted from a safe copy 
of an operating system obtained from the read-only device. 

^J26^ (Previously presented) The system of claina-2e^wherein communications between the 
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gatekeeper server and the sacrificial servers are authenticated using a challenge-and-response 
technique. 

Sip- /7 

^34: (Previously presented) The system of claim4-6rwherein the network maintains a list 
of approved attachment file types and extensions, determines whether the attachment is of a file 
type or extension which is in the list of approved attachment file types and extensions, and, if the 
attachment is not of a file type or extension which is in the list of approved attachment file types 
and extensions, informs the recipient that a message containing a non-approved attachment has 
been received. 

-25r (Original) The system of claim -J-dTwherein the network maintains a list of approved 
executable code, determines whether the executable code is in the list of approved executable 
code, and deactivates the executable code if the executable code is not in the list of approved 
executable code. 

.,.-26r(Original) The system of clainv257 wherein: 

the list of approved executable code includes information for determining whether 
the approved executable code has been altered; 

the network determines whether the executable code has been altered; and 

the executable code is deactivated if the executable code has been altered. 

..2?T^(0riginal) The system of clainx267wherein the system determines whether the 
executable code has been altered through an algorithmic technique. 

JO J9 

.5^. (Original) The system of claim-27; wherein the algorithmic technique is a check- 
summing technique. 

(Original) The system of claim^, wherein the algorithmic technique is a hashing 
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technique. 

^/ II 

r^Qriginal) The system of claim-^^wherein the computer for converting converts the 
executable code by: 

(i) forming a first cbpjj^d a second copy of at least a portion of the e-mail 
message containing the exefeiitable code; 

(ii) executing the executable code in the copy but not the second copy; 
and 

(iii) after the executable code in the first copy has been^x^uted, comparing 
the first copy to the second copy to determine an effect of m^executable 
code. 

- .3: 

^ (Amended) A sacrificial server for use on a network, the sacrificial server 
comprising: 

communication means for receiving an e-mail attachment from the network; and 
processing means for converting the e-mail attachment from an executable format to a 
non-executable format by using one of a plurality of appUcation-level conversion processes 
selected in accordance with a type of the e-mail message, the non-executable format retaining an 
appearance, human readability and semantic content of the e-mail message and for returning the 
e-mail attachment to the network. 

32. (Original) The sacrificial server of claim 31, wherein the sacrificial server is 



examined for virus activity. 

(Original) The sacrificial server of claim-32; wherein the sacrificial server further 
comprises a read-only device and is rebooted from a safe copy of an operating system obtained 
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from the read-only device. 

yC, (Original) The sacrificial server of claim ,>t7 wherein commxmications between the 



network and the sacrificial server are authenticated using a challenge-and-response technique. 

3^., (Previously presented) The sacrificial server of clmmjyT, wherein the sacrificial 
server stores a list of approved attachment file types and extensions, determines whether the 
attachment is of a file type or extension which is in the list of approved attachment file types and 
extensions, and, if the attachment is not of a file type or extension which is in the list of approved 
attachment file types and extensions, and informs the network that a message containing a non- 
approved attachment has been received. 

(Original) The sacrificial server of claim wherein the sacnficial server maintains a 
list of approved executable code, determines whether the attachment contains executable code 
and whether the executable code is in the list of approved executable code, and deactivates the 
executable code if the executable code is not in the list of approved executable code. 
(Original) The sacrificial server of claim lo, wherein: 

the list of approved executable code includes information for determining whether 
the approved executable code has been altered; 

if the executable code is in the list of approved executable code, the sacrificial 
server determines whether the executable code has been altered; and 

the executable code is deactivated if the executable code has been altered. 

3^ (Original) The sacrificial server of claim wherein the sacrificial server determines 
whether the executable code has been altered through the use of an algorithmic technique. 

•4- > 

(Original) The sacrificial server of claim wherein the algorithmic technique is a 
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check-summing technique! 

/O. (Original) The sacrificial server of claim wherein the algorithmic technique is a 
hashing technique. 

_>M: (Original) The sacrificial server of claim X, wherein the processing means converts 
the executable code by: 

(i) forming a first copy and a second copy of at least a portion of the e-mail 
message containing the executable code; 

(ii) executing the executable code in the first copy but not the second copy; 
and 

(iii) after the executable code in the first copy has been executed, comparing 
the first copy to the second copy to determine an effect of the executable 
code. 

^ (Previously presented) The method of claim 5, wherein the plurality of sacrificial 
servers are separate from the gatekeeper server. . 

43. (Previously presented) The system of claim^, wherein the plurality o f sacrificial 
servers are separate from the gatekeeper server. 
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